-
-
Notifications
You must be signed in to change notification settings - Fork 367
Expand file tree
/
Copy path.env.self-host.example
More file actions
182 lines (155 loc) · 7.13 KB
/
Copy path.env.self-host.example
File metadata and controls
182 lines (155 loc) · 7.13 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
# ========================================
# Plunk Self-Hosting Configuration
# ========================================
# ========================================
# REQUIRED: Security & Database
# ========================================
DB_PASSWORD=changeme123
JWT_SECRET=
# ========================================
# REQUIRED: Domains
# ========================================
# Replace example.com with your domain
# Or use *.localhost for local testing
API_DOMAIN=api.example.com
DASHBOARD_DOMAIN=app.example.com
LANDING_DOMAIN=www.example.com
WIKI_DOMAIN=docs.example.com
# For local development: URIs for running services locally
# These are used by the applications at runtime
API_URI=http://localhost:8080
DASHBOARD_URI=http://localhost:3000
LANDING_URI=http://localhost:4000
WIKI_URI=http://localhost:1000
# NEXT_PUBLIC_* variables are used for client-side code and sitemap generation
# Use placeholder URLs that will be replaced at Docker container runtime
NEXT_PUBLIC_API_URI=https://next-api.useplunk.com
NEXT_PUBLIC_DASHBOARD_URI=https://next-app.useplunk.com
NEXT_PUBLIC_LANDING_URI=https://www.useplunk.com
NEXT_PUBLIC_WIKI_URI=https://next-wiki.useplunk.com
# Set to 'true' if using HTTPS in production (behind a reverse proxy/load balancer)
# This affects how application URIs are auto-generated from domain names
USE_HTTPS=false
# ========================================
# REQUIRED: AWS SES (Email Sending)
# ========================================
AWS_SES_REGION=us-east-1
AWS_SES_ACCESS_KEY_ID=
AWS_SES_SECRET_ACCESS_KEY=
# Configuration sets for email tracking
# SES_CONFIGURATION_SET: Default configuration with open/click tracking enabled
SES_CONFIGURATION_SET=plunk-configuration-set
# SES_CONFIGURATION_SET_NO_TRACKING: Optional configuration without tracking
# If not set, the tracking toggle will be hidden in project settings
# When set, projects can choose to disable email tracking
SES_CONFIGURATION_SET_NO_TRACKING=plunk-no-tracking-configuration-set
# Custom MAIL FROM subdomain — used to construct `<subdomain>.<your-domain>`
# when a domain is added. Defaults to `plunk`. Override when `plunk.<your-domain>`
# is already used for something else (e.g. an R2/CDN custom domain), since the
# MAIL FROM hostname needs MX + TXT records that can't coexist with a CNAME.
# Example: MAIL_FROM_SUBDOMAIN=emails → emails.<your-domain>
# MAIL_FROM_SUBDOMAIN=
# ========================================
# OPTIONAL: OAuth Login
# ========================================
GITHUB_OAUTH_CLIENT=
GITHUB_OAUTH_SECRET=
GOOGLE_OAUTH_CLIENT=
GOOGLE_OAUTH_SECRET=
# ========================================
# OPTIONAL: File Storage (Minio)
# ========================================
# Minio is included by default in Docker Compose
# These credentials match the Minio service configuration
# Leave defaults unless you're using external storage
MINIO_ROOT_USER=plunk
MINIO_ROOT_PASSWORD=plunkminiopass
MINIO_API_PORT=9000
MINIO_CONSOLE_PORT=9001
# S3-compatible storage configuration
# For self-hosted: uses internal Minio service (defaults work out of the box)
S3_ENDPOINT=http://minio:9000
S3_ACCESS_KEY_ID=plunk
S3_ACCESS_KEY_SECRET=plunkminiopass
S3_BUCKET=uploads
S3_PUBLIC_URL=http://localhost:9000/uploads
S3_FORCE_PATH_STYLE=true
# ========================================
# OPTIONAL: Notifications (ntfy.sh)
# ========================================
# Plunk includes a self-hosted ntfy.sh server for system notifications
# You can access the ntfy web UI at http://localhost:8080 (or your configured NTFY_PORT)
# Subscribe to the topic 'plunk-notifications' to receive notifications
# Port for ntfy web UI and API (default: 8080)
NTFY_PORT=8080
# Ntfy topic URL - Uses internal ntfy service by default
# To use external ntfy.sh or your own server, change this URL
# Examples:
# - Self-hosted (default): http://ntfy/plunk-notifications
# - Public ntfy.sh: https://ntfy.sh/your-unique-topic-name
# - Custom server: https://your-ntfy-server.com/your-topic
NTFY_URL=http://ntfy/plunk-notifications
# ========================================
# OPTIONAL: SMTP Server
# ========================================
# The SMTP relay server allows sending emails via SMTP protocol
# TLS certificates can be mounted via:
# 1. Traefik acme.json (requires SMTP_DOMAIN to select the right cert)
# 2. PEM files (privkey.pem and fullchain.pem)
# SMTP domain - Required if using Traefik acme.json with multiple certificates
# Optional if using PEM files
SMTP_DOMAIN=smtp.example.com
# SMTP Ports (defaults work for most setups)
# PORT_SECURE=465 # SMTPS (implicit TLS)
# PORT_SUBMISSION=587 # SMTP Submission (STARTTLS)
# Maximum recipients per email (default: 5)
# MAX_RECIPIENTS=5
# ========================================
# OPTIONAL: Platform emails
# ========================================
# Your Plunk instance will send emails if you provide a Plunk API key and a from address
# These emails include system notifications, for example when your project hits billing limits
# PLUNK_API_KEY=
# PLUNK_FROM_ADDRESS=
# ========================================
# OPTIONAL: Security Settings
# ========================================
# Controls whether projects are automatically disabled when bounce/complaint rate thresholds are exceeded
# When enabled (default), projects exceeding security limits will be automatically suspended
# When disabled, violations will be logged and notifications sent, but projects won't be auto-disabled
# Recommended for self-hosters: false (manage project status manually)
# Default: true
# AUTO_PROJECT_DISABLE=false
# ========================================
# OPTIONAL: Self-Hosting User Management
# ========================================
# Controls whether new user signups are allowed
# When enabled (true), the signup endpoint will reject new user registration attempts
# Useful for private instances or when you want to manually manage users
# Default: false
# DISABLE_SIGNUPS=false
# ========================================
# OPTIONAL: SES Sending Rate
# ========================================
# Caps the email-worker's send rate (messages per second) for the SES sandbox or
# manually-throttled accounts. When unset, the worker probes the AWS account at
# startup via ses:GetSendQuota; if that call is denied or transiently fails,
# the worker silently falls back to 14/sec which may exceed sandbox limits and
# trigger SES throttling errors. Set this explicitly to avoid the silent fallback.
# Default: unset (auto-detect, falls back to 14)
# EMAIL_RATE_LIMIT_PER_SECOND=1
# Number of emails the worker processes in parallel. When unset, concurrency is
# derived from the effective rate limit (~ rate * 0.5, min 5, capped by
# EMAIL_WORKER_MAX_CONCURRENCY) so a higher SES quota translates into higher
# throughput automatically. Pin this only when the Prisma pool or memory is the
# binding constraint.
# Default: unset (auto-derived)
# EMAIL_WORKER_CONCURRENCY=10
# Upper bound applied to the auto-derived concurrency. Raise this when your SES
# quota is high AND the Prisma connection pool has been sized for it.
# Default: 50
# EMAIL_WORKER_MAX_CONCURRENCY=50
# ========================================
# ADVANCED (rarely needed)
# ========================================
# NGINX_PORT=80